|
1 | 1 | ---
|
2 | 2 | title: Set up your network
|
3 | 3 | description: Learn about solution architecture, network preparation, prerequisites, and other information needed to ensure that you successfully set up your network to work with Azure Defender for IoT appliances.
|
4 |
| -ms.date: 10/14/2021 |
| 4 | +ms.date: 10/24/2021 |
5 | 5 | ms.topic: how-to
|
6 | 6 | ---
|
7 | 7 |
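Review bot: only `ms.date` moves in this hunk (10/14/2021 to 10/24/2021), but the `description` line just above still calls the product `Azure Defender for IoT appliances` while the new heading introduced later in this same change reads `Extra services for Defender for IoT`; pick one product name for the page while the front matter is being edited, since readers search on it.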
|
@@ -101,46 +101,38 @@ Verify that your organizational security policy allows access to the following:
|
101 | 101 |
|
102 | 102 | | Protocol | Transport | In/Out | Port | Used | Purpose | Source | Destination |
|
103 | 103 | |--|--|--|--|--|--|--|--|
|
104 |
| -| HTTPS | TCP | In/Out | 443 | Sensor and on-premises management console web console | Access to Web console | Client | Sensor and on-premises management console | |
105 |
| -| SSH | TCP | In/Out | 22 | CLI | Access to the CLI | Client | Sensor and on-premises management console | |
| 104 | +| HTTPS | TCP | In/Out | 443 | To access the sensor, and on-premises management console web console. | Access to Web console | Client | Sensor and on-premises management console | |
| 105 | +| SSH | TCP | In/Out | 22 | CLI | To access the CLI. | Client | Sensor and on-premises management console | |
106 | 106 |
|
107 | 107 | #### Sensor access to Azure portal
|
108 | 108 |
|
109 | 109 | | Protocol | Transport | In/Out | Port | Used | Purpose | Source | Destination |
|
110 | 110 | |--|--|--|--|--|--|--|--|
|
111 |
| -| HTTPS / Websocket | TCP | In/Out | 443 | The sensor's access to the Azure portal through a connection through Proxy| Access to Azure Portal | Sensor | Azure portal | |
112 |
| -| HTTPS / Websocket | TCP | In/Out | 443 | Sensor to Azure connection through NAT | Access to Azure Portal | Sensor | Azure portal | |
| 111 | +| HTTPS / Websocket | TCP | In/Out | 443 | Gives the sensor access to the Azure portal. (Optional) Access can be granted through a proxy. | Access to Azure Portal | Sensor | Azure portal | |
113 | 112 |
|
114 | 113 | #### Sensor access to the on-premises management console
|
115 | 114 |
|
116 | 115 | | Protocol | Transport | In/Out | Port | Used | Purpose | Source | Destination |
|
117 | 116 | |--|--|--|--|--|--|--|--|
|
118 |
| -| SSL | TCP | In/Out | 443 | Sensor and on-premises management console | The connection between the sensor and the Central Management | Sensor | On-premises management console | |
119 |
| -| NTP | UDP | In/Out | 123 | Time Sync | Connects the NTP to the on-premises management console | Sensor | On-premises management console | |
| 117 | +| SSL | TCP | In/Out | 443 | Give the sensor access to the on-premises management console. | The connection between the sensor, and the on-premises management console | Sensor | On-premises management console | |
| 118 | +| NTP | UDP | In/Out | 123 | Time Sync | Connects the NTP to the on-premises management console. | Sensor | On-premises management console | |
120 | 119 |
|
121 |
| -#### Time Sync |
| 120 | +#### (Optional) Extra services for Defender for IoT |
122 | 121 |
|
123 |
| -| Protocol | Transport | In/Out | Port | Used | Purpose | Source | Destination | |
124 |
| -|--|--|--|--|--|--|--|--| |
125 |
| -| NTP | UDP | In/Out | 123 | Time Sync | Connects the sensor to an external NTP server, when there is no on-premises management console installed | Sensor | NTP | |
126 |
| - |
127 |
| -#### (Optional) Defender for IoT extra services |
128 |
| - |
129 |
| -These protocols are reliant on the addition of the Access extra capabilities by opening these other ports. |
| 122 | +Open these ports to allow extra services for Defender for IoT. |
130 | 123 |
|
131 | 124 | | Protocol | Transport | In/Out | Port | Used | Purpose | Source | Destination |
|
132 | 125 | |--|--|--|--|--|--|--|--|
|
133 |
| -| HTTP | TCP | Out | 80 | CRL download for certificate validation when uploading the certificates | Access to the CRL server | Sensor and on-premises management console | CRL server | |
134 |
| -| LDAP | TCP | In/Out | 389 | Active Directory | The Active Directory management of users that have access to login to the system. | On-premises management console and Sensor | LDAP server | |
135 |
| -| LDAPS | TCP | In/Out | 636 | Active Directory | The Active Directory management of users that have access to login to the system. | On-premises management console and Sensor | LDAPS server | |
136 |
| -| SNMP | UDP | Out | 161 | Monitoring | Monitors the sensor's health | On-premises management console and Sensor | SNMP server | |
137 |
| -| SMTP | TCP | Out | 25 | Email | Used to open the customer's mail server in order to send emails for alerts, and events. | Sensor and On-premises management console | Email server | |
138 |
| -| Syslog | UDP | Out | 514 | LEEF | Logs that are sent from the on-premises management console to Syslog server | On-premises management console and Sensor | Syslog server | |
139 |
| -| DNS | | In/Out | 53 | DNS | DNS server port | On-premises management console and Sensor | DNS server | |
140 |
| -| WMI | UDP | Out | 135 | Monitoring | Windows Endpoint Monitoring | Sensor | Relevant network element | |
141 |
| -| Tunneling | TCP | In | 9000 </br></br> on top of port 443 </br></br> From the sensor, or end user to the on-premises management console. </br></br> Port 22 from sensor to the on-premises management console. | Monitoring | Tunneling | Sensor | On-premises management console | |
| 126 | +| HTTP | TCP | Out | 80 | The CRL download for certificate validation when uploading certificates. | Access to the CRL server | Sensor and on-premises management console | CRL server | |
| 127 | +| LDAP | TCP | In/Out | 389 | Active Directory | Allows Active Directory management of users that have access, to log in to the system. | On-premises management console and Sensor | LDAP server | |
| 128 | +| LDAPS | TCP | In/Out | 636 | Active Directory | Allows Active Directory management of users that have access, to log in to the system. | On-premises management console and Sensor | LDAPS server | |
| 129 | +| SNMP | UDP | Out | 161 | Monitoring | Monitors the sensor's health. | On-premises management console and Sensor | SNMP server | |
| 130 | +| SMTP | TCP | Out | 25 | Email | Used to open the customer's mail server, in order to send emails for alerts, and events. | Sensor and On-premises management console | Email server | |
| 131 | +| Syslog | UDP | Out | 514 | LEEF | The logs that are sent from the on-premises management console to Syslog server. | On-premises management console and Sensor | Syslog server | |
| 132 | +| DNS | | In/Out | 53 | DNS | The DNS server port. | On-premises management console and Sensor | DNS server | |
| 133 | +| WMI | UDP | Out | 135 | Monitoring | Windows Endpoint Monitoring. | Sensor | Relevant network element | |
| 134 | +| Tunneling | TCP | In | 9000 </br></br> in addition to port 443 </br></br> Allows access from the sensor, or end user, to the on-premises management console. </br></br> Port 22 from the sensor to the on-premises management console. | Monitoring | Tunneling | Sensor | On-premises management console | |
142 | 135 | | Proxy | | | 443| Proxy | To connect the sensor to a proxy server | On-premises management console and Sensor| Proxy server |
|
143 |
| -| NAT | | | 443| | | | | |
144 | 136 |
|
145 | 137 | ### Plan rack installation
|
146 | 138 |
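Review bot: the `Time Sync` section deleted in the middle of this hunk was the only place the page told a sensor that has no on-premises management console where to get its time from, and the new `(Optional) Extra services for Defender for IoT` table does not carry that row over, so the requirement is silently lost; keep a row such as `| NTP | UDP | In/Out | 123 | Time Sync | Connects the sensor to an external NTP server, when there is no on-premises management console installed | Sensor | NTP server |` in the optional table (or under the sensor-to-management-console table with a note). Several rewritten rows also put the explanation in the wrong column: in the HTTPS row the `Used` cell now reads `To access the sensor, and on-premises management console web console.` while `Purpose` still says `Access to Web console`, so the two cells repeat each other; `Used` should stay a short label (`Web console`) and the sentence belongs under `Purpose`, and the same applies to the HTTP/CRL row. `Give the sensor access` in the SSL row should be `Gives`, and the LDAP, LDAPS and SMTP rows have a stray comma before `to log in` / `in order to`. Gaps inherited from the old text could be closed while the rows are touched: DNS and Proxy have an empty Transport cell (DNS is UDP and TCP on 53), the Proxy row has an empty In/Out cell, and the Tunneling row packs three ports and two sentences into the Port cell; split it into one row per port (9000, 443, 22) or move the prose to Purpose. Two rows look technically off rather than just awkward: WMI runs over DCOM/RPC, whose endpoint mapper listens on TCP 135 (followed by dynamic high ports), not UDP 135; and the SNMP row says `Out` to port 161 at the `SNMP server`, but 161 is the agent port that the server polls (inbound to the sensor) while traps go out to 162, so either the direction or the port needs correcting. Finally, the Syslog row lists both the on-premises management console and the sensor as Source while its Purpose mentions only the management console.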
|
|